Cisco IOS and IOS XE Software Multiple Remote Code Execution Vulnerabilities

by CIRT Team

27 Aug 2017

in Security Advisories & Alerts

No Comments

1638

Description: The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP – Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload.

Related CVE’s

CVE-2017-6736
CVE-2017-6737
CVE-2017-6738
CVE-2017-6739
CVE-2017-6740
CVE-2017-6741
CVE-2017-6742
CVE-2017-6743
CVE-2017-6744

Impact: An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed exploit attempts may result in a denial of service condition; this can result in the attacker gaining complete control of the affected system.

These issues are being tracked by Cisco Bug IDs-CSCve54313,CSCve57697,CSCve60276,CSCve60376,CSCve60402,CSCve60507,CSCve66540,CSCve66601,CSCve66658,CSCve78027,CSCve89865.

Mitigation: Updates are available. Please check specific vendor advisory for more information.

Reference URL’s: